CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0CVE-2012-3509
https://notcve.org/view.php?id=CVE-2012-3509
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. Varias vulnerabilidades de desbordamiento de enteros en la función _objalloc_alloc (1) en objalloc.c y (2) macro objalloc_alloc en include/objalloc.h en GNU libiberty, utilizada por binutils v2.22, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores relacionada con la "adición de CHUNK_HEADER_SIZE a la longitud", lo que provoca un desbordamiento de búfer basado en heap • http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411 http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html http://security-tracker.debian.org/tracker/CVE-2012-3509 http://www.mandriva.com/security/advisories?name=MDVSA-2015:029 http://www.openwall.com/lists/oss-security/2012/08/29/3 http://www.securityfocus.com/bid/55281 http://www.ubuntu.com/usn/USN-2496-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/78135 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 3CVE-2006-2362 – GNU BinUtils 2.1x - Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2362
Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. • https://www.exploit-db.com/exploits/27856 http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html http://secunia.com/advisories/20188 http://secunia.com/advisories/20531 http://secunia.com/advisories/20550 http://secunia.com/advisories/22932 http://secunia.com/advisories/27441 http://sourceware.org/bugzilla/show_bug.cgi?id=2584 http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html http://www.novell.com/linux/security/advisories/2006_26_sr.html htt • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 2CVE-2005-4807 – GNU BinUtils 2.1x - GAS Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-4807
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. • https://www.exploit-db.com/exploits/28397 http://bugs.gentoo.org/show_bug.cgi?id=99464 http://secunia.com/advisories/21508 http://secunia.com/advisories/21530 http://www.osvdb.org/27960 http://www.securityfocus.com/bid/19555 http://www.ubuntu.com/usn/usn-336-1 http://www.vupen.com/english/advisories/2006/3307 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4808
https://notcve.org/view.php?id=CVE-2005-4808
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. • http://sources.redhat.com/bugzilla/show_bug.cgi?id=1069 http://www.ubuntu.com/usn/usn-366-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/44661 •